﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.Configuration;
using System.Data.SqlClient;
using System.Data;
using System.Data.Sql;


public partial class MasterPage : System.Web.UI.MasterPage
{
    protected void Page_Load(object sender, EventArgs e)
    {
        bool loginFlag = false;
        HttpCookie usr = Request.Cookies["usr"];
        HttpCookie psw = Request.Cookies["psw"];
        if (usr != null && psw != null)
        {
            loginFlag = checkLogin(usr.Value,psw.Value);
        }
        if (loginFlag == true)
        {
            loginBut.Visible = false;
            endLoginBut.Visible = true;
        }
        else
        {
            loginBut.Visible = true;
            endLoginBut.Visible = false;
            string url = HttpContext.Current.Request.Url.AbsolutePath;
            bool flag = false;
            if (url == "/Menu.aspx" || url == "/Default.aspx" || url == "/Login.aspx" || url == "/Register.aspx")
            {
                flag = true;
            }
            if (flag == false)
            {
                Response.Write(@"<script>alert('请先登录用户！');</script>");
                Response.Redirect("./Login.aspx");
            }

        }
        
    }
    protected bool checkLogin(string usr, string psw)
    {
        string connectionString = WebConfigurationManager.ConnectionStrings["ConnectionStrCustomer"].ConnectionString;

        string username = usr;
        string password = psw;

        string sqlString = "select * from Customer_Account where Aaccount = @username and Apswd = @password";
        SqlParameter[] parameters = {
                                        new SqlParameter("@username",username),
                                        new SqlParameter("@password", password)
                                    };
        using (SqlConnection conn = new SqlConnection(connectionString))
        {
            try
            {
                conn.Open();
                using (SqlCommand cmd = conn.CreateCommand())
                {
                    cmd.CommandText = sqlString;
                    cmd.Parameters.AddRange(parameters);
                    DataSet ds = new DataSet();
                    SqlDataAdapter adapter = new SqlDataAdapter(cmd);
                    adapter.Fill(ds);
                    DataTable table = ds.Tables[0];
                    if (table.Rows.Count > 0)
                    {
                        return true;
                    }
                    else
                        return false;

                }

            }
            catch (Exception ez)
            {
                Response.Write(@"<b>异常信息:</b>" + ez.Message);
            }
            finally
            {
                conn.Close();
            }
            return false;
        }
    }
    protected void loginBut_Click(object sender, EventArgs e)
    {
        Response.Redirect("./Login.aspx");
    }

    protected void endLoginBut_Click(object sender, EventArgs e)
    {
        HttpCookie usr = new System.Web.HttpCookie("usr","");
        HttpCookie psw = new System.Web.HttpCookie("psw","");
        Response.Cookies.Add(usr);
        Response.Cookies.Add(psw);
        Response.AddHeader("Refresh", "0");  //刷新当前页面

    }
}
